[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Weak stenography.

To: [email protected] (Phil Karn)
Subject: Re: Weak stenography.
From: [email protected] (Nick Szabo)
Date: Wed, 23 Jun 1993 06:02:17 -0700 (PDT)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Phil Karn" at Jun 23, 93 08:17:29 am


Phil Karn:
> if they find "readdat.exe" on
> your PC, disassemble it and discover that it's a program to extract and
> decrypt ciphertext from DAT tapes, you're in trouble. And if you encrypt
> your copy of "readdat.exe", well, you now need a plaintext decryption
> program to decrypt THAT.

Perhaps some hacks (ab)used by virus writers might be useful here.
We might hide "readdat.exe" inside a larger "innocuous.exe" and
scramble it with the "mutation engine", which creates a unique signature 
for each copy of readdat.exe's code (including the engine itself, which
bootstraps from a very short common code sequence).  The result 
is they have no signature to search for, even if they already have 
a copy of "readdat.exe" and the mutation engine.

Nick Szabo				[email protected]

References:
- Re: Weak stenography.
  - From: [email protected] (Phil Karn)

Prev by Date: Re: YAA (yet another article)
Next by Date: re: Weak stenography.
Prev by thread: re: Weak stenography.
Next by thread: Re: Weak stenography.
Index(es):
- Date
- Thread